From owner-freebsd-stable  Tue Jan 11 12:44:52 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from dozer.skynet.be (dozer.skynet.be [195.238.2.36])
	by hub.freebsd.org (Postfix) with ESMTP
	id E692F15019; Tue, 11 Jan 2000 12:44:45 -0800 (PST)
	(envelope-from blk@skynet.be)
Received: from [195.238.1.121] (brad.techos.skynet.be [195.238.1.121])
	by dozer.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id VAA22500;
	Tue, 11 Jan 2000 21:44:15 +0100 (MET)
Mime-Version: 1.0
X-Sender: blk@foxbert.skynet.be
Message-Id: <v04220815b4a145a0a6db@[195.238.1.121]>
In-Reply-To: <200001111947.LAA55191@cwsys.cwsent.com>
References: <200001111947.LAA55191@cwsys.cwsent.com>
Date: Tue, 11 Jan 2000 21:41:43 +0100
To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>,
	Dag-Erling Smorgrav <des@flood.ping.uio.no>
From: Brad Knowles <blk@skynet.be>
Subject: Re: Kernel Option: TCP_DROP_SYNFIN
Cc: Holtor <holtor@yahoo.com>, freebsd-questions@FreeBSD.ORG,
	freebsd-stable@FreeBSD.ORG
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 11:46 AM -0800 2000/1/11, Cy Schubert - ITSD Open Systems Group wrote:

>  The following ipfw rule will also prevent OS fingerprinting.
>
>  deny log tcp from any to any in tcpflg fin,syn
>
>  Would this too have problems with TTCP?

	Yup.  I haven't read the RFC, but I've read the first bit of 
_TCP/IP Illustrated, Volume 3: TCP for Transactions, HTTP, NNTP, and 
the UNIX(r) Domain Protocols_ by Stevens, and by definition TTCP uses 
SYN+FIN.

-- 
   These are my opinions -- not to be taken as official Skynet policy
  ____________________________________________________________________
|o| Brad Knowles, <blk@skynet.be>            Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin      Rue Col. Bourg, 124   |o|
|o| Phone/Fax: +32-2-706.11.11/12.49         B-1140 Brussels       |o|
|o| http://www.skynet.be                     Belgium               |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
  Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
   Unix is very user-friendly.  It's just picky who its friends are.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message